<?php
/**
 *
 * @group_name 湖南伯瑞曼科技有限公司
 *
 * @author Master
 *
 * @api Auth
 *
 * @time 2021/8/29 - 0:57
 *
 */

namespace app\api\common;


use Firebase\JWT\BeforeValidException;
use Firebase\JWT\ExpiredException;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use Firebase\JWT\SignatureInvalidException;
use think\Exception;
use think\facade\Cache;

class Auth
{


    use Output;
    protected $key = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()+~?/';

    /**
     * 验证签名
     * @param $data
     * @return false|string
     */
    public static function getSignkey($data)
    {
        if (empty($data)) {
            return false;
        }
        ksort($data); //按字典顺序排序
        $query = http_build_query($data);
        //aes加密
        return (new Auth)->encrypt($query);
    }

    /**
     * AES-128-ECB加密
     * @param $data
     * @return string
     */
    public function encrypt($data)
    {

        $res = openssl_encrypt($data, 'AES-128-ECB', $this->key, OPENSSL_RAW_DATA);
        return base64_encode($res);
    }

    /**
     * AEC-128-ECB解密
     * @param $data
     * @return false|string
     */
    public function decrypt($data)
    {
        $res = base64_decode($data);
        $res = openssl_decrypt($res, 'AES-128-ECB', $this->key, OPENSSL_RAW_DATA);
        return $res;
    }



    public static function checkSignkey($str){
        //解密aes
        $data = (new Auth)->decrypt($str['sign']);
        parse_str($data , $sign);//把查询字符串解析到变量中
        //验证设备号
        if(empty($sign['did']) || !isset($sign['did']) || $str['did'] != $sign['did']){
            $data = [
                "code" => 0,
                "msg" => 'sign验证失败！'
            ];
            return $data;

        }
        //验证version
        if(empty($sign['version']) || !isset($sign['version'])  || $str['version'] != $sign['version']){
            $data = [
                "code" => 0,
                "msg" => 'sign验证失败！'
            ];
            return $data;

        }
        //验证 时间戳
        if(empty($sign['time']) || !isset($sign['time']) || $str['time'] != $sign['time']){
            $data = [
                "code" => 0,
                "msg" => 'sign验证失败！'
            ];
            return $data;
        }
        if(request()->ip() !== $sign['ip']){
            $data = [
                "code" => -2,
                "msg" => '已在其它设备登陆！'
            ];
            return $data;

        }
        if(empty(Cache::get($sign['time'].'token'.request()->ip()))){
            $data = [
                "code" => 0,
                "msg" => '已在其它设备登陆！'
            ];
            return $data;
        }
        return true;
    }

    public static function checkToken($token){
        $key='!@#$%*&';
        $common = new common();

        try {
            JWT::$leeway = 60;//当前时间减去60，把时间留点余地
            //$decoded = JWT::decode($token, $key, array('HS256')); //HS256方式，这里要和签发的时候对应

            $decoded =  JWT::decode($token, new Key($key,"HS256")); //HS256方式，这里要和签发的时候对应
            $arr = (array)$decoded;
            $res['code']=1;
            $res['data']=$arr['data'];
            return $res;

        } catch(SignatureInvalidException $e) { //签名不正确
            $data = [
              "code" => 0,
                "msg" => '签名不正确！'
            ];
            return $data;
        }catch(BeforeValidException $e) { // 签名在某个时间点之后才能用
            $data = [
                "code" => 0,
                "msg" => 'token失效，登录已过期,请重新登录！'
            ];
            return $data;
        }catch(ExpiredException $e) { // token过期
            $data = [
                "code" => 0,
                "msg" => '登录已过期,请重新登录！'
            ];
            return $data;

        }catch(Exception $e) { //其他错误
            $data = [
                "code" => 0,
                "msg" => '系统异常！'
            ];
            return $data;
        }
    }
    //验证接口权限
    public static function checkapiauth($token){




    }



}